Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.
Navigation
Return to Planet "Home"
Ordered/grouped:
Filter applied:
Current page:
Go to "Navigation Help" (page end)
Articles in this collection: 74

Source: Jump ESP, jump!

Articles recieved 12/03/2024
Article: Hacking Windows 95, part 1 - published over 10 years ago.
Content: During a CTF game, we came across very-very old systems. Turns out, it is not that easy to hack those dinosaur old systems, because modern tools like Metasploit do not have sploits for those old boxes and of course our "133t h4cking skillz" are useless without Metasploit... :) But I had an idea: This can be a pretty good small research for fun. The rules...
https://jumpespjump.blogspot.com/2014/02/hacking-windows-95-part-1.html 
🔥🔥
 
Published: 2014 02 02 11:11:00
Received: 2024 03 12 23:22:36
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Attacking financial malware botnet panels - Zeus - published about 10 years ago.
Content: I played with leaked financial malware recently. When I saw these panels are written in PHP, my first idea was to hack them. The results are the work of one evening, please don't expect a full pentest report with all vulns found :-) The following report is based on Zeus 2.0.8.9, which is old, but I believe a lot of Zeus clones (and C&C panels) depend...
https://jumpespjump.blogspot.com/2014/02/attacking-financial-malware-botnet.html 
🔥🔥
 
Published: 2014 02 14 10:09:00
Received: 2024 03 12 23:22:35
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Stop using MD-5, now! - published about 10 years ago.
Content: TL;DR: Don't use MD-5 to identify malware samples. Believe me, it is a bad idea. Use SHA-256 or a stronger hash function. This post is dedicated to all malware researchers, still using MD-5 to identify malware samples. Before deep-diving into the details, let me explain my view on this topic. Whenever you want to identify a malware, it is only OK to p...
https://jumpespjump.blogspot.com/2014/03/stop-using-md-5-now.html 
🔥🔥
 
Published: 2014 03 25 08:30:00
Received: 2024 03 12 23:22:35
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: BYOPPP - Build your own privacy protection proxy - published about 10 years ago.
Content: I have read a blog post, where you can build your own privacy proxy server built on Raspberry PI. The post got me thinking about how I can use this to protect my privacy on my Android phone, and also get rid of those annoying ads.  Since I own a Samsung Galaxy S3 LTE with Android 4.3 (with a HW based Knox counter), rooting the phone now means you bre...
https://jumpespjump.blogspot.com/2014/04/byoppp-build-your-own-privacy.html 
🔥🔥
 
Published: 2014 04 01 09:09:00
Received: 2024 03 12 23:22:35
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: WiFi hacking on tablets - published about 10 years ago.
Content: Disclaimer: Don't hack anything where you don't have the authorization to do so. Stay legal. Ever since I bought my first Android device, I wanted to use the device for WEP cracking. Not because I need it, but I want it :) After some googling, I read that you can't use your WiFi chipset for packet injection, and I forgot the whole topic. After a while, I ...
https://jumpespjump.blogspot.com/2014/04/wifi-hacking-on-tablets.html 
🔥🔥
 
Published: 2014 04 22 12:16:00
Received: 2024 03 12 23:22:35
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: DSploit - published about 10 years ago.
Content: DSploit After playing with the applications installed on the Pwn Pad, I found that the most important application (at least for me) was missing from the pre-installed apps. Namely, DSploit. Although DSploit has tons of features, I really liked the multiprotocol password sniffing (same as dsniff) and the session hijacking functionality. The DSploit AP...
https://jumpespjump.blogspot.com/2014/04/dsploit.html 
🔥🔥
 
Published: 2014 04 29 21:56:00
Received: 2024 03 12 23:22:35
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacking Windows 95, part 2 - published almost 10 years ago.
Content: In the Hacking Windows 95, part 1 blog post, we covered that through a nasty bug affecting Windows 95/98/ME, the share password can be guessed in no time. In this article, I'm going to try to use this vulnerability to achieve remote code execution (with the help of publicly available tools only). The first thing we can do when we have read access to the Wi...
https://jumpespjump.blogspot.com/2014/05/hacking-windows-95-part-2.html 
🔥🔥
 
Published: 2014 05 23 15:29:00
Received: 2024 03 12 23:22:35
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Attacking financial malware botnet panels - SpyEye - published over 9 years ago.
Content: This is the second blog post in the "Attacking financial malware botnet panels" series. After playing with Zeus, my attention turned to another old (and dead) botnet, SpyEye. From an ITSEC perspective, SpyEye shares a lot of vulnerabilities with Zeus.  The following report is based on SpyEye 1.3.45, which is old, and if we are lucky, the whole SpyEye bra...
https://jumpespjump.blogspot.com/2014/08/attacking-financial-malware-botnet.html 
🔥🔥
 
Published: 2014 08 22 17:09:00
Received: 2024 03 12 23:22:35
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Change passwords regularly - a myth and a lie, don't be fooled, part 1 - published over 9 years ago.
Content: TL;DR: different passwords have different protection requirements, and different attackers using various attacks can only be prevented through different prevention methods. Password security is not simple. For real advise, checking the second post (in progress). Are you sick of password advices like "change your password regularly" or "if your password is ...
https://jumpespjump.blogspot.com/2014/10/change-passwords-regularly-myth-and-lie.html 
🔥🔥
 
Published: 2014 10 01 07:17:00
Received: 2024 03 12 23:22:34
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Change passwords regularly - a myth and a lie, don't be fooled, part 2 - published over 9 years ago.
Content: In the previous blog post, I have covered the different passwords you have to protect, the attackers and attack methods. Now let's look at how we want to solve the issue. Password requirements So far we have learned we have to use long, complex, true random passwords. In theory, this is easy. Now, this is my password advice for 2014: Password chara...
https://jumpespjump.blogspot.com/2014/10/change-passwords-regularly-myth-and-lie_13.html 
🔥🔥
 
Published: 2014 10 13 10:40:00
Received: 2024 03 12 23:22:34
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Bypass hardware firewalls - published over 9 years ago.
Content: This is just a collection of links about my DEF CON 22 presentation, and the two tools I released: Slides: http://www.slideshare.net/bz98/defcon-22-bypass-firewalls-application-white-lists-secure-remote-desktops-in-20-seconds Tools: https://github.com/MRGEffitas/Write-into-screen https://github.com/MRGEffitas/hwfwbypass Presentation video from Hacktivity:...
https://jumpespjump.blogspot.com/2014/11/bypass-hardware-firewalls.html 
🔥🔥
 
Published: 2014 11 09 14:05:00
Received: 2024 03 12 23:22:34
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacking freemium games - the evolution of PC game cheating - published over 9 years ago.
Content: This post is going to be a rather strange post compared to previous ones. But bear with me, in the middle of the post you will see why this post fits the IT security topic. I'm also terribly sorry for not posting recently, but I was busy with my SPSE and SLAE certification. Both are recommended for Python and Assembly noobs like me. But back to this post...
https://jumpespjump.blogspot.com/2015/01/hacking-freemium-games-evolution-of-pc.html 
🔥🔥
 
Published: 2015 01 14 19:47:00
Received: 2024 03 12 23:22:34
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Many ways of malware persistence (that you were always afraid to ask) - published about 9 years ago.
Content: TL;DR: Are you into red teaming? Need persistence? This post is not that long, read it ;) Are you into blue teaming? Have to find those pesky backdoors? This post is not that long, read it ;) In the previous post, I listed different ways how a Windows domain/forest can be backdoored. In this new post, I am digging a bit deeper, and list the most common/...
https://jumpespjump.blogspot.com/2015/05/many-ways-of-malware-persistence-that.html 
🔥🔥
 
Published: 2015 05 05 06:32:00
Received: 2024 03 12 23:22:33
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Mythbusters: Is an open (unencrypted) WiFi more dangerous than a WPA2-PSK? Actually, it is not. - published almost 9 years ago.
Content: Introduction Whenever security professionals recommend the 5 most important IT security practices to average users, one of the items is usually something like: “Avoid using open Wifi” or “Always use VPN while using open WiFi” or “Avoid sensitive websites (e.g. online banking) while using open WiFI”, etc. What I think about this? It is bullshit. But le...
https://jumpespjump.blogspot.com/2015/07/mythbusters-is-open-unencrypted-wifi.html 
🔥🔥
 
Published: 2015 07 23 13:59:00
Received: 2024 03 12 23:22:33
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: How to secure your home against "Internet of Things" and FUD - published over 8 years ago.
Content: TL;DR, most of the security news about IoT is full of FUD. Always put the risks in context - who can exploit this and what can the attacker do with it. Most story only covers the latter. Introduction There is rarely a day without news that another "Internet of Things" got hacked. "Smart" safes, "smart" rifles, "smart" cars, "smart" fridges, "smart" TVs,...
https://jumpespjump.blogspot.com/2015/08/how-to-secure-your-home-against.html 
🔥🔥
 
Published: 2015 08 20 11:37:00
Received: 2024 03 12 23:22:33
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: How I hacked my IP camera, and found this backdoor account - published over 8 years ago.
Content: The time has come. I bought my second IoT device - in the form of a cheap IP camera. As it was the most affordable among all others, my expectations regarding security was low. But this camera was still able to surprise me. Maybe I will disclose the camera model used in my hack in this blog later, but first, I will try to contact someone regarding these i...
https://jumpespjump.blogspot.com/2015/09/how-i-hacked-my-ip-camera-and-found.html 
🔥🔥
 
Published: 2015 09 26 12:02:00
Received: 2024 03 12 23:22:33
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: One reason why InfoSec sucked in the past 20 years - the "security tips" myth - published almost 8 years ago.
Content: From time to time, I get disappointed how much effort and money is put into securing computers, networks, mobile phones, ... and yet in 2016 here we are, where not much has changed on the defensive side. There are many things I personally blame for this situation, and one of them is the security tips. The goal of these security tips is that if the averag...
https://jumpespjump.blogspot.com/2016/06/one-reason-why-infosec-sucked-in-past.html 
🔥🔥
 
Published: 2016 06 11 12:56:00
Received: 2024 03 12 23:22:33
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Why (I believe) WADA was not hacked by the Russians - published over 7 years ago.
Content: Disclaimer: This is my personal opinion. I am not an expert in attribution. But as it turns out, not many people in the world are good at attribution. I know this post lacks real evidence and is mostly based on speculation. Let's start with the main facts we know about the WADA hack, in chronological order: 1. Some point in time (August - September 20...
https://jumpespjump.blogspot.com/2016/10/why-i-believe-wada-was-not-hacked-by.html 
🔥🔥
 
Published: 2016 10 17 08:41:00
Received: 2024 03 12 23:22:33
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Recovering data from an old encrypted Time Machine backup - published almost 6 years ago.
Content: Recovering data from a backup should be an easy thing to do. At least this is what you expect. Yesterday I had a problem which should have been easy to solve, but it was not. I hope this blog post can help others who face the same problem. The problem 1. I had an encrypted Time Machine backup which was not used for months 2. This backup was not on an of...
https://jumpespjump.blogspot.com/2018/07/recovering-data-from-old-encrypted-time.html 
🔥🔥
 
Published: 2018 07 21 13:42:00
Received: 2024 03 12 23:22:32
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: How to build a "burner device" for DEF CON in one easy step - published over 5 years ago.
Content: TL;DR: Don't build a burner device. Probably this is not the risk you are looking for. Introduction Every year before DEF CON people starts to give advice to attendees to bring "burner devices" to DEF CON. Some people also start to create long lists on how to build burner devices, especially laptops. But the deeper we look into the topic, the more confusi...
https://jumpespjump.blogspot.com/2018/08/how-to-build-burner-device-for-def-con.html 
🔥🔥
 
Published: 2018 08 15 07:43:00
Received: 2024 03 12 23:22:32
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacktivity 2018 badge - quick start guide for beginners - published over 4 years ago.
Content: You either landed on this blog post because  you are a huge fan of Hacktivity you bought this badge around a year ago you are just interested in hacker conference badge hacking.  or maybe all of the above. Whatever the reasons, this guide should be helpful for those who never had any real-life experience with these little gadgets.  But first things fi...
https://jumpespjump.blogspot.com/2019/09/hacktivity-2018-badge-quick-start-guide.html 
🔥🔥
 
Published: 2019 09 19 08:56:00
Received: 2024 03 12 23:22:32
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: The RastaLabs experience - published over 4 years ago.
Content: Introduction It was 20 November, and I was just starting to wonder what I would do during the next month. I had already left my previous job, and the new one would only start in January. Playing with PS4 all month might sound fun for some people, but I knew I would get bored quickly. Even though I have some limited red teaming experience, I always fe...
https://jumpespjump.blogspot.com/2020/01/the-rastalabs-experience.html 
🔥🔥
 
Published: 2020 01 16 14:54:00
Received: 2024 03 12 23:22:32
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
23:22 Hacking Windows 95, part 1
🔥🔥
23:22 Attacking financial malware botnet panels - Zeus
🔥🔥
23:22 Stop using MD-5, now!
🔥🔥
23:22 BYOPPP - Build your own privacy protection proxy
🔥🔥
23:22 WiFi hacking on tablets
🔥🔥
23:22 DSploit
🔥🔥
23:22 Hacking Windows 95, part 2
🔥🔥
23:22 Attacking financial malware botnet panels - SpyEye
🔥🔥
23:22 Change passwords regularly - a myth and a lie, don't be fooled, part 1
🔥🔥
23:22 Change passwords regularly - a myth and a lie, don't be fooled, part 2
🔥🔥
23:22 Bypass hardware firewalls
🔥🔥
23:22 Hacking freemium games - the evolution of PC game cheating
🔥🔥
23:22 Many ways of malware persistence (that you were always afraid to ask)
🔥🔥
23:22 Mythbusters: Is an open (unencrypted) WiFi more dangerous than a WPA2-PSK? Actually, it is not.
🔥🔥
23:22 How to secure your home against "Internet of Things" and FUD
🔥🔥
23:22 How I hacked my IP camera, and found this backdoor account
🔥🔥
23:22 One reason why InfoSec sucked in the past 20 years - the "security tips" myth
🔥🔥
23:22 Why (I believe) WADA was not hacked by the Russians
🔥🔥
23:22 Recovering data from an old encrypted Time Machine backup
🔥🔥
23:22 How to build a "burner device" for DEF CON in one easy step
🔥🔥
23:22 Hacktivity 2018 badge - quick start guide for beginners
🔥🔥
23:22 The RastaLabs experience
🔥🔥
Articles recieved 06/04/2023
Article: This is the end - and the beginning - published about 1 year ago.
Content: This post is just to inform everyone that do not expect any new blog posts here, I am moving everything to Jekyll + Github pages. You can find the old posts and all the new posts here: https://httpscolonforwardslashforwardslashwwwdotzoltanbalazsdotcom.com/So long Google....
https://jumpespjump.blogspot.com/2023/04/this-is-end-and-beginning.html 
🔥🔥
 
Published: 2023 04 06 08:39:00
Received: 2023 04 06 08:41:57
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
08:41 This is the end - and the beginning
🔥🔥
Articles recieved 31/03/2023
Article: DNSSEC, from an end-user perspective, part 2 - published over 10 years ago.
Content: In our previous blog post, we have discussed some of the threats against current DNS systems, where the result was that the victim landed on a different resource/website as he/she originally supposed to visit. Since this is not a guide for DNS server operators about DNSSEC implementation, let's jump to the user side and see what you should know if you vi...
https://jumpespjump.blogspot.com/2014/01/dnssec-from-end-user-perspective-part-2.html 
🔥🔥
 
Published: 2014 01 06 11:44:00
Received: 2023 03 31 10:02:51
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: DNSSEC, from an end-user perspective, part 3 - published over 10 years ago.
Content: In the first post of this DNSSEC series, I have shown the problem (DNS vulnerabilities), and in the second post, the "solution." In this third post, I am going to analyze DNSSEC. Can DNSSEC protect the users against all of the attacks? Or just part of them? What about corner cases? The following list are the attack types from the first post, where DNSSEC c...
https://jumpespjump.blogspot.com/2014/01/dnssec-from-end-user-perspective-part-3.html 
🔥🔥
 
Published: 2014 01 25 12:47:00
Received: 2023 03 31 10:02:50
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacking Windows 95, part 1 - published over 10 years ago.
Content: During a CTF game, we came across very-very old systems. Turns out, it is not that easy to hack those dinosaur old systems, because modern tools like Metasploit do not have sploits for those old boxes and of course our "133t h4cking skillz" are useless without Metasploit... :) But I had an idea: This can be a pretty good small research for fun. The rules...
https://jumpespjump.blogspot.com/2014/02/hacking-windows-95-part-1.html 
🔥🔥
 
Published: 2014 02 02 11:11:00
Received: 2023 03 31 10:02:50
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Attacking financial malware botnet panels - Zeus - published about 10 years ago.
Content: I played with leaked financial malware recently. When I saw these panels are written in PHP, my first idea was to hack them. The results are the work of one evening, please don't expect a full pentest report with all vulns found :-) The following report is based on Zeus 2.0.8.9, which is old, but I believe a lot of Zeus clones (and C&C panels) depend...
https://jumpespjump.blogspot.com/2014/02/attacking-financial-malware-botnet.html 
🔥🔥
 
Published: 2014 02 14 10:09:00
Received: 2023 03 31 10:02:50
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Stop using MD-5, now! - published about 10 years ago.
Content: TL;DR: Don't use MD-5 to identify malware samples. Believe me, it is a bad idea. Use SHA-256 or a stronger hash function. This post is dedicated to all malware researchers, still using MD-5 to identify malware samples. Before deep-diving into the details, let me explain my view on this topic. Whenever you want to identify a malware, it is only OK to p...
https://jumpespjump.blogspot.com/2014/03/stop-using-md-5-now.html 
🔥🔥
 
Published: 2014 03 25 08:30:00
Received: 2023 03 31 10:02:50
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: BYOPPP - Build your own privacy protection proxy - published about 10 years ago.
Content: I have read a blog post, where you can build your own privacy proxy server built on Raspberry PI. The post got me thinking about how I can use this to protect my privacy on my Android phone, and also get rid of those annoying ads.  Since I own a Samsung Galaxy S3 LTE with Android 4.3 (with a HW based Knox counter), rooting the phone now means you bre...
https://jumpespjump.blogspot.com/2014/04/byoppp-build-your-own-privacy.html 
🔥🔥
 
Published: 2014 04 01 09:09:00
Received: 2023 03 31 10:02:50
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: WiFi hacking on tablets - published about 10 years ago.
Content: Disclaimer: Don't hack anything where you don't have the authorization to do so. Stay legal. Ever since I bought my first Android device, I wanted to use the device for WEP cracking. Not because I need it, but I want it :) After some googling, I read that you can't use your WiFi chipset for packet injection, and I forgot the whole topic. After a while, I ...
https://jumpespjump.blogspot.com/2014/04/wifi-hacking-on-tablets.html 
🔥🔥
 
Published: 2014 04 22 12:16:00
Received: 2023 03 31 10:02:49
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: DSploit - published about 10 years ago.
Content: DSploit After playing with the applications installed on the Pwn Pad, I found that the most important application (at least for me) was missing from the pre-installed apps. Namely, DSploit. Although DSploit has tons of features, I really liked the multiprotocol password sniffing (same as dsniff) and the session hijacking functionality. The DSploit AP...
https://jumpespjump.blogspot.com/2014/04/dsploit.html 
🔥🔥
 
Published: 2014 04 29 21:56:00
Received: 2023 03 31 10:02:49
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacking Windows 95, part 2 - published almost 10 years ago.
Content: In the Hacking Windows 95, part 1 blog post, we covered that through a nasty bug affecting Windows 95/98/ME, the share password can be guessed in no time. In this article, I'm going to try to use this vulnerability to achieve remote code execution (with the help of publicly available tools only). The first thing we can do when we have read access to the Wi...
https://jumpespjump.blogspot.com/2014/05/hacking-windows-95-part-2.html 
🔥🔥
 
Published: 2014 05 23 15:29:00
Received: 2023 03 31 10:02:49
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Attacking financial malware botnet panels - SpyEye - published over 9 years ago.
Content: This is the second blog post in the "Attacking financial malware botnet panels" series. After playing with Zeus, my attention turned to another old (and dead) botnet, SpyEye. From an ITSEC perspective, SpyEye shares a lot of vulnerabilities with Zeus.  The following report is based on SpyEye 1.3.45, which is old, and if we are lucky, the whole SpyEye bra...
https://jumpespjump.blogspot.com/2014/08/attacking-financial-malware-botnet.html 
🔥🔥
 
Published: 2014 08 22 17:09:00
Received: 2023 03 31 10:02:49
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Change passwords regularly - a myth and a lie, don't be fooled, part 1 - published over 9 years ago.
Content: TL;DR: different passwords have different protection requirements, and different attackers using various attacks can only be prevented through different prevention methods. Password security is not simple. For real advise, checking the second post (in progress). Are you sick of password advices like "change your password regularly" or "if your password is ...
https://jumpespjump.blogspot.com/2014/10/change-passwords-regularly-myth-and-lie.html 
🔥🔥
 
Published: 2014 10 01 07:17:00
Received: 2023 03 31 10:02:49
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Change passwords regularly - a myth and a lie, don't be fooled, part 2 - published over 9 years ago.
Content: In the previous blog post, I have covered the different passwords you have to protect, the attackers and attack methods. Now let's look at how we want to solve the issue. Password requirements So far we have learned we have to use long, complex, true random passwords. In theory, this is easy. Now, this is my password advice for 2014: Password chara...
https://jumpespjump.blogspot.com/2014/10/change-passwords-regularly-myth-and-lie_13.html 
🔥🔥
 
Published: 2014 10 13 10:40:00
Received: 2023 03 31 10:02:48
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Bypass hardware firewalls - published over 9 years ago.
Content: This is just a collection of links about my DEF CON 22 presentation, and the two tools I released: Slides: http://www.slideshare.net/bz98/defcon-22-bypass-firewalls-application-white-lists-secure-remote-desktops-in-20-seconds Tools: https://github.com/MRGEffitas/Write-into-screen https://github.com/MRGEffitas/hwfwbypass Presentation video from Hacktivity:...
https://jumpespjump.blogspot.com/2014/11/bypass-hardware-firewalls.html 
🔥🔥
 
Published: 2014 11 09 14:05:00
Received: 2023 03 31 10:02:48
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacking freemium games - the evolution of PC game cheating - published over 9 years ago.
Content: This post is going to be a rather strange post compared to previous ones. But bear with me, in the middle of the post you will see why this post fits the IT security topic. I'm also terribly sorry for not posting recently, but I was busy with my SPSE and SLAE certification. Both are recommended for Python and Assembly noobs like me. But back to this post...
https://jumpespjump.blogspot.com/2015/01/hacking-freemium-games-evolution-of-pc.html 
🔥🔥
 
Published: 2015 01 14 19:47:00
Received: 2023 03 31 10:02:48
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Thousand ways to backdoor a Windows domain (forest) - published about 9 years ago.
Content: When the Kerberos elevation of privilege (CVE-2014-6324 / MS14-068) vulnerability has been made public, the remediation paragraph of the following blog post made some waves: http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx "The only way a domain compromise can be remediated with a high level of certainty is...
https://jumpespjump.blogspot.com/2015/03/thousand-ways-to-backdoor-windows.html 
🔥🔥
 
Published: 2015 03 05 21:04:00
Received: 2023 03 31 10:02:48
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Many ways of malware persistence (that you were always afraid to ask) - published about 9 years ago.
Content: TL;DR: Are you into red teaming? Need persistence? This post is not that long, read it ;) Are you into blue teaming? Have to find those pesky backdoors? This post is not that long, read it ;) In the previous post, I listed different ways how a Windows domain/forest can be backdoored. In this new post, I am digging a bit deeper, and list the most common/...
https://jumpespjump.blogspot.com/2015/05/many-ways-of-malware-persistence-that.html 
🔥🔥
 
Published: 2015 05 05 06:32:00
Received: 2023 03 31 10:02:48
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Mythbusters: Is an open (unencrypted) WiFi more dangerous than a WPA2-PSK? Actually, it is not. - published almost 9 years ago.
Content: Introduction Whenever security professionals recommend the 5 most important IT security practices to average users, one of the items is usually something like: “Avoid using open Wifi” or “Always use VPN while using open WiFi” or “Avoid sensitive websites (e.g. online banking) while using open WiFI”, etc. What I think about this? It is bullshit. But le...
https://jumpespjump.blogspot.com/2015/07/mythbusters-is-open-unencrypted-wifi.html 
🔥🔥
 
Published: 2015 07 23 13:59:00
Received: 2023 03 31 10:02:48
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: How to secure your home against "Internet of Things" and FUD - published over 8 years ago.
Content: TL;DR, most of the security news about IoT is full of FUD. Always put the risks in context - who can exploit this and what can the attacker do with it. Most story only covers the latter. Introduction There is rarely a day without news that another "Internet of Things" got hacked. "Smart" safes, "smart" rifles, "smart" cars, "smart" fridges, "smart" TVs,...
https://jumpespjump.blogspot.com/2015/08/how-to-secure-your-home-against.html 
🔥🔥
 
Published: 2015 08 20 11:37:00
Received: 2023 03 31 10:02:48
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: How I hacked my IP camera, and found this backdoor account - published over 8 years ago.
Content: The time has come. I bought my second IoT device - in the form of a cheap IP camera. As it was the most affordable among all others, my expectations regarding security was low. But this camera was still able to surprise me. Maybe I will disclose the camera model used in my hack in this blog later, but first, I will try to contact someone regarding these i...
https://jumpespjump.blogspot.com/2015/09/how-i-hacked-my-ip-camera-and-found.html 
🔥🔥
 
Published: 2015 09 26 12:02:00
Received: 2023 03 31 10:02:48
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: One reason why InfoSec sucked in the past 20 years - the "security tips" myth - published almost 8 years ago.
Content: From time to time, I get disappointed how much effort and money is put into securing computers, networks, mobile phones, ... and yet in 2016 here we are, where not much has changed on the defensive side. There are many things I personally blame for this situation, and one of them is the security tips. The goal of these security tips is that if the averag...
https://jumpespjump.blogspot.com/2016/06/one-reason-why-infosec-sucked-in-past.html 
🔥🔥
 
Published: 2016 06 11 12:56:00
Received: 2023 03 31 10:02:47
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Why (I believe) WADA was not hacked by the Russians - published over 7 years ago.
Content: Disclaimer: This is my personal opinion. I am not an expert in attribution. But as it turns out, not many people in the world are good at attribution. I know this post lacks real evidence and is mostly based on speculation. Let's start with the main facts we know about the WADA hack, in chronological order: 1. Some point in time (August - September 20...
https://jumpespjump.blogspot.com/2016/10/why-i-believe-wada-was-not-hacked-by.html 
🔥🔥
 
Published: 2016 10 17 08:41:00
Received: 2023 03 31 10:02:47
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Recovering data from an old encrypted Time Machine backup - published almost 6 years ago.
Content: Recovering data from a backup should be an easy thing to do. At least this is what you expect. Yesterday I had a problem which should have been easy to solve, but it was not. I hope this blog post can help others who face the same problem. The problem 1. I had an encrypted Time Machine backup which was not used for months 2. This backup was not on an of...
https://jumpespjump.blogspot.com/2018/07/recovering-data-from-old-encrypted-time.html 
🔥🔥
 
Published: 2018 07 21 13:42:00
Received: 2023 03 31 10:02:47
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: How to build a "burner device" for DEF CON in one easy step - published over 5 years ago.
Content: TL;DR: Don't build a burner device. Probably this is not the risk you are looking for. Introduction Every year before DEF CON people starts to give advice to attendees to bring "burner devices" to DEF CON. Some people also start to create long lists on how to build burner devices, especially laptops. But the deeper we look into the topic, the more confusi...
https://jumpespjump.blogspot.com/2018/08/how-to-build-burner-device-for-def-con.html 
🔥🔥
 
Published: 2018 08 15 07:43:00
Received: 2023 03 31 10:02:47
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacktivity 2018 badge - quick start guide for beginners - published over 4 years ago.
Content: You either landed on this blog post because  you are a huge fan of Hacktivity you bought this badge around a year ago you are just interested in hacker conference badge hacking.  or maybe all of the above. Whatever the reasons, this guide should be helpful for those who never had any real-life experience with these little gadgets.  But first things fi...
https://jumpespjump.blogspot.com/2019/09/hacktivity-2018-badge-quick-start-guide.html 
🔥🔥
 
Published: 2019 09 19 08:56:00
Received: 2023 03 31 10:02:47
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: The RastaLabs experience - published over 4 years ago.
Content: Introduction It was 20 November, and I was just starting to wonder what I would do during the next month. I had already left my previous job, and the new one would only start in January. Playing with PS4 all month might sound fun for some people, but I knew I would get bored quickly. Even though I have some limited red teaming experience, I always fe...
https://jumpespjump.blogspot.com/2020/01/the-rastalabs-experience.html 
🔥🔥
 
Published: 2020 01 16 14:54:00
Received: 2023 03 31 10:02:47
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
10:02 DNSSEC, from an end-user perspective, part 2
🔥🔥
10:02 DNSSEC, from an end-user perspective, part 3
🔥🔥
10:02 Hacking Windows 95, part 1
🔥🔥
10:02 Attacking financial malware botnet panels - Zeus
🔥🔥
10:02 Stop using MD-5, now!
🔥🔥
10:02 BYOPPP - Build your own privacy protection proxy
🔥🔥
10:02 WiFi hacking on tablets
🔥🔥
10:02 DSploit
🔥🔥
10:02 Hacking Windows 95, part 2
🔥🔥
10:02 Attacking financial malware botnet panels - SpyEye
🔥🔥
10:02 Change passwords regularly - a myth and a lie, don't be fooled, part 1
🔥🔥
10:02 Change passwords regularly - a myth and a lie, don't be fooled, part 2
🔥🔥
10:02 Bypass hardware firewalls
🔥🔥
10:02 Hacking freemium games - the evolution of PC game cheating
🔥🔥
10:02 Thousand ways to backdoor a Windows domain (forest)
🔥🔥
10:02 Many ways of malware persistence (that you were always afraid to ask)
🔥🔥
10:02 Mythbusters: Is an open (unencrypted) WiFi more dangerous than a WPA2-PSK? Actually, it is not.
🔥🔥
10:02 How to secure your home against "Internet of Things" and FUD
🔥🔥
10:02 How I hacked my IP camera, and found this backdoor account
🔥🔥
10:02 One reason why InfoSec sucked in the past 20 years - the "security tips" myth
🔥🔥
10:02 Why (I believe) WADA was not hacked by the Russians
🔥🔥
10:02 Recovering data from an old encrypted Time Machine backup
🔥🔥
10:02 How to build a "burner device" for DEF CON in one easy step
🔥🔥
10:02 Hacktivity 2018 badge - quick start guide for beginners
🔥🔥
10:02 The RastaLabs experience
🔥🔥
Articles recieved 21/08/2022
Article: DNSSEC, from an end-user perspective, part 2 - published over 10 years ago.
Content: In our previous blog post, we have discussed some of the threats against current DNS systems, where the result was that the victim landed on a different resource/website as he/she originally supposed to visit.Since this is not a guide for DNS server operators about DNSSEC implementation, let's jump to the user side and see what you should know if you visit a...
https://jumpespjump.blogspot.com/2014/01/dnssec-from-end-user-perspective-part-2.html 
🔥🔥
 
Published: 2014 01 06 11:44:00
Received: 2022 08 21 07:28:32
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
07:28 DNSSEC, from an end-user perspective, part 2
🔥🔥
Articles recieved 06/06/2021
Article: DNSSEC, from an end-user perspective, part 3 - published over 10 years ago.
Content: In the first post of this DNSSEC series, I have shown the problem (DNS vulnerabilities), and in the second post, the "solution." In this third post, I am going to analyze DNSSEC. Can DNSSEC protect the users against all of the attacks? Or just part of them? What about corner cases?The following list are the attack types from the first post, where DNSSEC can ...
https://jumpespjump.blogspot.com/2014/01/dnssec-from-end-user-perspective-part-3.html 
🔥🔥
 
Published: 2014 01 25 12:47:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacking Windows 95, part 1 - published over 10 years ago.
Content: During a CTF game, we came across very-very old systems. Turns out, it is not that easy to hack those dinosaur old systems, because modern tools like Metasploit do not have sploits for those old boxes and of course our "133t h4cking skillz" are useless without Metasploit... :)But I had an idea: This can be a pretty good small research for fun.The rules for t...
https://jumpespjump.blogspot.com/2014/02/hacking-windows-95-part-1.html 
🔥🔥
 
Published: 2014 02 02 11:11:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Attacking financial malware botnet panels - Zeus - published about 10 years ago.
Content: I played with leaked financial malware recently. When I saw these panels are written in PHP, my first idea was to hack them. The results are the work of one evening, please don't expect a full pentest report with all vulns found :-)The following report is based on Zeus 2.0.8.9, which is old, but I believe a lot of Zeus clones (and C&C panels) depend on t...
https://jumpespjump.blogspot.com/2014/02/attacking-financial-malware-botnet.html 
🔥🔥
 
Published: 2014 02 14 10:09:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Stop using MD-5, now! - published about 10 years ago.
Content: TL;DR: Don't use MD-5 to identify malware samples. Believe me, it is a bad idea. Use SHA-256 or a stronger hash function.This post is dedicated to all malware researchers, still using MD-5 to identify malware samples.Before deep-diving into the details, let me explain my view on this topic. Whenever you want to identify a malware, it is only OK to publish th...
https://jumpespjump.blogspot.com/2014/03/stop-using-md-5-now.html 
🔥🔥
 
Published: 2014 03 25 08:30:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: BYOPPP - Build your own privacy protection proxy - published about 10 years ago.
Content: I have read a blog post, where you can build your own privacy proxy server built on Raspberry PI. The post got me thinking about how I can use this to protect my privacy on my Android phone, and also get rid of those annoying ads. Since I own a Samsung Galaxy S3 LTE with Android 4.3 (with a HW based Knox counter), rooting the phone now means you break Knox, ...
https://jumpespjump.blogspot.com/2014/04/byoppp-build-your-own-privacy.html 
🔥🔥
 
Published: 2014 04 01 09:09:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: WiFi hacking on tablets - published about 10 years ago.
Content: Disclaimer: Don't hack anything where you don't have the authorization to do so. Stay legal.Ever since I bought my first Android device, I wanted to use the device for WEP cracking. Not because I need it, but I want it :) After some googling, I read that you can't use your WiFi chipset for packet injection, and I forgot the whole topic.After a while, I read ...
https://jumpespjump.blogspot.com/2014/04/wifi-hacking-on-tablets.html 
🔥🔥
 
Published: 2014 04 22 12:16:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: DSploit - published about 10 years ago.
Content: DSploitAfter playing with the applications installed on the Pwn Pad, I found that the most important application (at least for me) was missing from the pre-installed apps. Namely, DSploit. Although DSploit has tons of features, I really liked the multiprotocol password sniffing (same as dsniff) and the session hijacking functionality.The DSploit APK in the P...
https://jumpespjump.blogspot.com/2014/04/dsploit.html 
🔥🔥
 
Published: 2014 04 29 21:56:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacking Windows 95, part 2 - published almost 10 years ago.
Content: In the Hacking Windows 95, part 1 blog post, we covered that through a nasty bug affecting Windows 95/98/ME, the share password can be guessed in no time. In this article, I'm going to try to use this vulnerability to achieve remote code execution (with the help of publicly available tools only).The first thing we can do when we have read access to the Windo...
https://jumpespjump.blogspot.com/2014/05/hacking-windows-95-part-2.html 
🔥🔥
 
Published: 2014 05 23 15:29:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Attacking financial malware botnet panels - SpyEye - published over 9 years ago.
Content: This is the second blog post in the "Attacking financial malware botnet panels" series. After playing with Zeus, my attention turned to another old (and dead) botnet, SpyEye. From an ITSEC perspective, SpyEye shares a lot of vulnerabilities with Zeus. The following report is based on SpyEye 1.3.45, which is old, and if we are lucky, the whole SpyEye branch w...
https://jumpespjump.blogspot.com/2014/08/attacking-financial-malware-botnet.html 
🔥🔥
 
Published: 2014 08 22 17:09:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Change passwords regularly - a myth and a lie, don't be fooled, part 1 - published over 9 years ago.
Content: TL;DR: different passwords have different protection requirements, and different attackers using various attacks can only be prevented through different prevention methods. Password security is not simple. For real advise, checking the second post (in progress).Are you sick of password advices like "change your password regularly" or "if your password is pas...
https://jumpespjump.blogspot.com/2014/10/change-passwords-regularly-myth-and-lie.html 
🔥🔥
 
Published: 2014 10 01 07:17:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Change passwords regularly - a myth and a lie, don't be fooled, part 2 - published over 9 years ago.
Content: In the previous blog post, I have covered the different passwords you have to protect, the attackers and attack methods. Now let's look at how we want to solve the issue. Password requirementsSo far we have learned we have to use long, complex, true random passwords. In theory, this is easy.Now, this is my password advice for 2014:Password character classesU...
https://jumpespjump.blogspot.com/2014/10/change-passwords-regularly-myth-and-lie_13.html 
🔥🔥
 
Published: 2014 10 13 10:40:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Bypass hardware firewalls - published over 9 years ago.
Content: This is just a collection of links about my DEF CON 22 presentation, and the two tools I released:Slides:http://www.slideshare.net/bz98/defcon-22-bypass-firewalls-application-white-lists-secure-remote-desktops-in-20-secondsTools:https://github.com/MRGEffitas/Write-into-screenhttps://github.com/MRGEffitas/hwfwbypassPresentation video from Hacktivity:https://w...
https://jumpespjump.blogspot.com/2014/11/bypass-hardware-firewalls.html 
🔥🔥
 
Published: 2014 11 09 14:05:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacking freemium games - the evolution of PC game cheating - published over 9 years ago.
Content: This post is going to be a rather strange post compared to previous ones. But bear with me, in the middle of the post you will see why this post fits the IT security topic.I'm also terribly sorry for not posting recently, but I was busy with my SPSE and SLAE certification. Both are recommended for Python and Assembly noobs like me. But back to this post.A li...
https://jumpespjump.blogspot.com/2015/01/hacking-freemium-games-evolution-of-pc.html 
🔥🔥
 
Published: 2015 01 14 19:47:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Thousand ways to backdoor a Windows domain (forest) - published about 9 years ago.
Content: When the Kerberos elevation of privilege (CVE-2014-6324 / MS14-068) vulnerability has been made public, the remediation paragraph of the following blog post made some waves:http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx"The only way a domain compromise can be remediated with a high level of certainty is a co...
https://jumpespjump.blogspot.com/2015/03/thousand-ways-to-backdoor-windows.html 
🔥🔥
 
Published: 2015 03 05 21:04:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Many ways of malware persistence (that you were always afraid to ask) - published about 9 years ago.
Content: TL;DR: Are you into red teaming? Need persistence? This post is not that long, read it ;)Are you into blue teaming? Have to find those pesky backdoors? This post is not that long, read it ;)In the previous post, I listed different ways how a Windows domain/forest can be backdoored. In this new post, I am digging a bit deeper, and list the most common/known w...
https://jumpespjump.blogspot.com/2015/05/many-ways-of-malware-persistence-that.html 
🔥🔥
 
Published: 2015 05 05 06:32:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Mythbusters: Is an open (unencrypted) WiFi more dangerous than a WPA2-PSK? Actually, it is not. - published almost 9 years ago.
Content: IntroductionWhenever security professionals recommend the 5 most important IT security practices to average users, one of the items is usually something like: “Avoid using open Wifi” or “Always use VPN while using open WiFi” or “Avoid sensitive websites (e.g. online banking) while using open WiFI”, etc.What I think about this? It is bullshit. But let’s not j...
https://jumpespjump.blogspot.com/2015/07/mythbusters-is-open-unencrypted-wifi.html 
🔥🔥
 
Published: 2015 07 23 13:59:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: How to secure your home against "Internet of Things" and FUD - published over 8 years ago.
Content: TL;DR, most of the security news about IoT is full of FUD. Always put the risks in context - who can exploit this and what can the attacker do with it. Most story only covers the latter.IntroductionThere is rarely a day without news that another "Internet of Things" got hacked. "Smart" safes, "smart" rifles, "smart" cars, "smart" fridges, "smart" TVs, "smart...
https://jumpespjump.blogspot.com/2015/08/how-to-secure-your-home-against.html 
🔥🔥
 
Published: 2015 08 20 11:37:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: How I hacked my IP camera, and found this backdoor account - published over 8 years ago.
Content: The time has come. I bought my second IoT device - in the form of a cheap IP camera. As it was the most affordable among all others, my expectations regarding security was low. But this camera was still able to surprise me.Maybe I will disclose the camera model used in my hack in this blog later, but first, I will try to contact someone regarding these issue...
https://jumpespjump.blogspot.com/2015/09/how-i-hacked-my-ip-camera-and-found.html 
🔥🔥
 
Published: 2015 09 26 12:02:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: One reason why InfoSec sucked in the past 20 years - the "security tips" myth - published almost 8 years ago.
Content: From time to time, I get disappointed how much effort and money is put into securing computers, networks, mobile phones, ... and yet in 2016 here we are, where not much has changed on the defensive side. There are many things I personally blame for this situation, and one of them is the security tips.The goal of these security tips is that if the average use...
https://jumpespjump.blogspot.com/2016/06/one-reason-why-infosec-sucked-in-past.html 
🔥🔥
 
Published: 2016 06 11 12:56:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Why (I believe) WADA was not hacked by the Russians - published over 7 years ago.
Content: Disclaimer: This is my personal opinion. I am not an expert in attribution. But as it turns out, not many people in the world are good at attribution. I know this post lacks real evidence and is mostly based on speculation.Let's start with the main facts we know about the WADA hack, in chronological order:1. Some point in time (August - September 2016), the ...
https://jumpespjump.blogspot.com/2016/10/why-i-believe-wada-was-not-hacked-by.html 
🔥🔥
 
Published: 2016 10 17 08:41:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Recovering data from an old encrypted Time Machine backup - published almost 6 years ago.
Content: Recovering data from a backup should be an easy thing to do. At least this is what you expect. Yesterday I had a problem which should have been easy to solve, but it was not. I hope this blog post can help others who face the same problem.The problem1. I had an encrypted Time Machine backup which was not used for months2. This backup was not on an official A...
https://jumpespjump.blogspot.com/2018/07/recovering-data-from-old-encrypted-time.html 
🔥🔥
 
Published: 2018 07 21 13:42:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: How to build a "burner device" for DEF CON in one easy step - published over 5 years ago.
Content: TL;DR: Don't build a burner device. Probably this is not the risk you are looking for.IntroductionEvery year before DEF CON people starts to give advice to attendees to bring "burner devices" to DEF CON. Some people also start to create long lists on how to build burner devices, especially laptops. But the deeper we look into the topic, the more confusing it...
https://jumpespjump.blogspot.com/2018/08/how-to-build-burner-device-for-def-con.html 
🔥🔥
 
Published: 2018 08 15 07:43:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: Hacktivity 2018 badge - quick start guide for beginners - published over 4 years ago.
Content: You either landed on this blog post because you are a huge fan of Hacktivityyou bought this badge around a year agoyou are just interested in hacker conference badge hacking. or maybe all of the above. Whatever the reasons, this guide should be helpful for those who never had any real-life experience with these little gadgets. But first things first, here is...
https://jumpespjump.blogspot.com/2019/09/hacktivity-2018-badge-quick-start-guide.html 
🔥🔥
 
Published: 2019 09 19 08:56:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: The RastaLabs experience - published over 4 years ago.
Content: IntroductionIt was 20 November, and I was just starting to wonder what I would do during the next month. I had already left my previous job, and the new one would only start in January. Playing with PS4 all month might sound fun for some people, but I knew I would get bored quickly.Even though I have some limited red teaming experience, I always felt that I ...
https://jumpespjump.blogspot.com/2020/01/the-rastalabs-experience.html 
🔥🔥
 
Published: 2020 01 16 14:54:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
Article: My WHCD exam experience - published over 3 years ago.
Content: IntroductionMy story starts in July in Budapest, summer is hot. Way too hot. I am working in the cozy air-conditioned office room and look at my daily schedule. I have a business lunch with Sándor Fehér, co-founder & CEO at White Hat IT Security at an Italian restaurant. This will be a casual meeting, catching up with each other, no preparation needed. I...
https://jumpespjump.blogspot.com/2020/09/my-whcd-exam-experience.html 
🔥🔥
 
Published: 2020 09 10 06:21:00
Received: 2021 06 06 09:04:53
Feed: Jump ESP, jump!
Source: Jump ESP, jump!
Category: Cyber Security
Topic: Cyber Security
09:04 DNSSEC, from an end-user perspective, part 3
🔥🔥
09:04 Hacking Windows 95, part 1
🔥🔥
09:04 Attacking financial malware botnet panels - Zeus
🔥🔥
09:04 Stop using MD-5, now!
🔥🔥
09:04 BYOPPP - Build your own privacy protection proxy
🔥🔥
09:04 WiFi hacking on tablets
🔥🔥
09:04 DSploit
🔥🔥
09:04 Hacking Windows 95, part 2
🔥🔥
09:04 Attacking financial malware botnet panels - SpyEye
🔥🔥
09:04 Change passwords regularly - a myth and a lie, don't be fooled, part 1
🔥🔥
09:04 Change passwords regularly - a myth and a lie, don't be fooled, part 2
🔥🔥
09:04 Bypass hardware firewalls
🔥🔥
09:04 Hacking freemium games - the evolution of PC game cheating
🔥🔥
09:04 Thousand ways to backdoor a Windows domain (forest)
🔥🔥
09:04 Many ways of malware persistence (that you were always afraid to ask)
🔥🔥
09:04 Mythbusters: Is an open (unencrypted) WiFi more dangerous than a WPA2-PSK? Actually, it is not.
🔥🔥
09:04 How to secure your home against "Internet of Things" and FUD
🔥🔥
09:04 How I hacked my IP camera, and found this backdoor account
🔥🔥
09:04 One reason why InfoSec sucked in the past 20 years - the "security tips" myth
🔥🔥
09:04 Why (I believe) WADA was not hacked by the Russians
🔥🔥
09:04 Recovering data from an old encrypted Time Machine backup
🔥🔥
09:04 How to build a "burner device" for DEF CON in one easy step
🔥🔥
09:04 Hacktivity 2018 badge - quick start guide for beginners
🔥🔥
09:04 The RastaLabs experience
🔥🔥
09:04 My WHCD exam experience
🔥🔥

Get your Free Scan and Score Certificate

Cyber Tzar Free Score Certificate
Cyber Tzar Free Score Certificate

Get your repeat Free Scan and Score Certificate

Cyber Tzar Score Summary
Cyber Tzar Score Summary

Cyber Security Made Simple

Cyber Tzar Your Score Explained
Cyber Tzar Your Score Explained

Cyber Tzar Platform Highlights

Cyber Tzar Gold Score Certificate
Cyber Tzar Gold Score Certificate

Cyber Tzar Sites

Cyber Tzar Score Analysis
Cyber Tzar Score Analysis
Navigation
Return to Planet "Home"
Ordered/grouped:
Filter applied:
Current page:
Go to "Navigation Help" (page end)
Articles in this collection: 74
  • "Home" links back to the front page, effectivly the Planet "Home Page"; shows all articles, with no selections, or groupings.
  • Default date ordering is by "Received Date" (due to not all RSS feeds having a "Published Date").
  • Authors is the most poorly serviced field in the articles we see from cyber security news providers.
  • Only Published Date selections use the articles Published Date (for ordering and grouping).
  • The first page always shows fifty items plus from zero to up to a remaining forty-nine items, before they are commited permently to the next page.
  • All subsequent pages show fifty items.
  • Pagination is in reverse ordering (so that pages are permamenent links, aka "permalinks", to their content).
  • Return to the top of this page "Go Now"

Custom HTML Block

Click to Open Code Editor